Transport Layer Security (TLS v1) protocols. It provides a rich API which is
documented here.
-Then an B<SSL_CTX> object is created as a framework to establish
+An B<SSL_CTX> object is created as a framework to establish
TLS/SSL enabled connections (see L<SSL_CTX_new(3)>).
Various options regarding certificates, algorithms etc. can be set
in this object.
L<SSL_set_bio(3)> can be used to associate the network
connection with the object.
-Then the TLS/SSL handshake is performed using
+When the TLS/SSL handshake is performed using
L<SSL_accept(3)> or L<SSL_connect(3)>
respectively.
L<SSL_read_ex(3)>, L<SSL_read(3)>, L<SSL_write_ex(3)> and L<SSL_write(3)> are
=item B<SSL_METHOD> (SSL Method)
-That's a dispatch structure describing the internal B<ssl> library
+This is a dispatch structure describing the internal B<ssl> library
methods/functions which implement the various protocol versions (SSLv3
TLSv1, ...). It's needed to create an B<SSL_CTX>.
This structure holds the algorithm information for a particular cipher which
are a core part of the SSL/TLS protocol. The available ciphers are configured
-on a B<SSL_CTX> basis and the actually used ones are then part of the
+on a B<SSL_CTX> basis and the actual ones used are then part of the
B<SSL_SESSION>.
=item B<SSL_CTX> (SSL Context)
-That's the global context structure which is created by a server or client
+This is the global context structure which is created by a server or client
once per program life-time and which holds mainly default values for the
B<SSL> structures which are later created for the connections.
=item B<SSL> (SSL Connection)
-That's the main SSL/TLS structure which is created by a server or client per
+This is the main SSL/TLS structure which is created by a server or client per
established connection. This actually is the core structure in the SSL API.
-Under run-time the application usually deals with this structure which has
+At run-time the application usually deals with this structure which has
links to mostly all other structures.
=back
=item B<ssl.h>
-That's the common header file for the SSL/TLS API. Include it into your
+This is the common header file for the SSL/TLS API. Include it into your
program to make the API of the B<ssl> library available. It internally
includes both more private SSL headers and headers from the B<crypto> library.
Whenever you need hard-core details on the internals of the SSL API, look
=item B<ssl3.h>
-That's the sub header file dealing with the SSLv3 protocol only.
+This is the sub header file dealing with the SSLv3 protocol only.
I<Usually you don't have to include it explicitly because
it's already included by ssl.h>.
=item B<tls1.h>
-That's the sub header file dealing with the TLSv1 protocol only.
+This is the sub header file dealing with the TLSv1 protocol only.
I<Usually you don't have to include it explicitly because
it's already included by ssl.h>.
=item int B<SSL_CTX_use_certificate_file>(SSL_CTX *ctx, const char *file, int type);
+=item int B<SSL_CTX_use_cert_and_key>(SSL_CTX *ctx, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+
=item X509 *B<SSL_CTX_get0_certificate>(const SSL_CTX *ctx);
=item EVP_PKEY *B<SSL_CTX_get0_privatekey>(const SSL_CTX *ctx);
=item SSL_SESSION *B<SSL_get_session>(const SSL *ssl);
-=item char *B<SSL_get_shared_ciphers>(const SSL *ssl, char *buf, int len);
+=item char *B<SSL_get_shared_ciphers>(const SSL *ssl, char *buf, int size);
=item int B<SSL_get_shutdown>(const SSL *ssl);
=item int B<SSL_use_certificate_file>(SSL *ssl, const char *file, int type);
+=item int B<SSL_use_cert_and_key>(SSL *ssl, X509 *x, EVP_PKEY *pkey, STACK_OF(X509) *chain, int override);
+
=item int B<SSL_version>(const SSL *ssl);
=item int B<SSL_want>(const SSL *ssl);
=head1 HISTORY
-B<SSLv2_client_method>, B<SSLv2_server_method> and B<SSLv2_method> where removed
+B<SSLv2_client_method>, B<SSLv2_server_method> and B<SSLv2_method> were removed
in OpenSSL 1.1.0.
The return type of B<SSL_copy_session_id> was changed from void to int in
=head1 COPYRIGHT
-Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy